Contact Us 1-800-596-4880
  1. Homepage
  2. Release Notes

  3. Cryptography Module Release Notes for Mule 4

Cryptography Module Release Notes for Mule 4

Cryptography module provides cryptography capabilities to a Mule application.

Support Category: Select

2.0.0

May 29, 2025

What’s New

Cryptography Module 2.0.0 brings important updates, including:

  • Updating default values for connector operations

  • Migrating your PGP Keyring to AES-Encrypted keys when operating in FIPS mode

  • Using different key pairs for Sign, Encrypt, and Decrypt operations to enhance security

  • Using password-based encryption

  • Using BCFKS as the required keystore and truststore type

  • Specifying algorithms dynamically

  • Registering the XMLDSig Security Provider

  • Enabling compatibility for Decrypt or Validate operations without KDF parameters

For details, refer to Upgrading Cryptography Module.

Compatibility

Software Version

Mule

4.4 and later

OpenJDK

8, 11, and 17

1.3.22

November 13, 2024

Compatibility

Software Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution ID

The org.apache.commons:commons-lang3 library is upgraded to version 3.17.0.

W-17024694

The org.apache.commons:commons-io library is upgraded to version 2.17.0.

W-17024694

1.3.21

August 15, 2024

Compatibility

Software Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution ID

The connector no longer throws the No such provider BC error when running multiple flows in parallel.

W-15108894

The org.apache.commons:commons-lang3 library is upgraded to version 3.16.0.

W-15108894

The org.mule.sdk:mule-sdk-api library is upgraded to version 0.9.2.

W-15108894

1.3.20

February 7, 2024

Compatibility

Software Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution ID

PGP operations now support large payloads.

W-14118536

1.3.19

January 19, 2024

Compatibility

Software Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution ID

The PGP Encrypt operation now works correctly.

W-14792113

1.3.18

January 11, 2024

Compatibility

Software Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

Fixed Issues

Issue Resolution ID

The org.apache.santuario:xmlsec library is upgraded to version 2.3.4 to address reported security vulnerabilities.

W-14668416

1.3.17

January 9, 2024

What’s New

  • This connector is now compatible with Java 17.

Compatibility

Software Version

Mule

4.1.1 and later

OpenJDK

8, 11, and 17

1.3.16

September 20, 2023

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue Resolution ID

The Out of memory error no longer occurs for files larger than 300MB on PGP Encrypt, PGP Encrypt and Sign, PGP Encrypt Binary, and PGP Decrypt operations.

W-13797282

1.3.15

September 19, 2023

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue Resolution ID

The dependency org.bouncycastle:bcpg-jdk18on:1.74 replaces org.bouncycastle:bcpg-jdk15on:1.70.

W-13844863

The dependency org.bouncycastle:bcprov-ext-jdk15to18:1.7, which is no longer in use, is removed to fix security vulnerabilities.

W-13844863

1.3.14

November 16, 2022

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue Resolution ID

The Pgp encrypt operation no longer fails when running in a FIPS environment.

W-11900235

1.3.13

November 4, 2022

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue ID

Internal dependencies that fix vulnerability issues are updated.

W-12007146

1.3.12

September 26, 2022

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue ID

Upgraded bcprov-jdk15on to version 1.70 and bcprov-ext-jdk15to18 to version 1.71

W-11676720

1.3.11

August 16, 2022

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue ID

Security updates applied to internal dependecies.

W-11550826

1.3.10

March 15, 2022

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue ID

Security updates applied to internal dependecies.

W-10583033

1.3.9

December 22, 2021

Compatibility

Software Version

Mule

4.1.1 and later

Fixed Issues

Issue ID

Cipher RSA/NONE/OAEPWithSHA1AndMGF1Padding is now supported.

CRYPT-22

1.3.8

June 10, 2021

No new features were added in this version.

Fixed Issues

  • Upgraded internal dependencies.

1.3.7

June 1, 2021

No new features were added in this version.

Fixed Issues

  • Upgraded internal dependencies.

1.3.6

January 21, 2021

No new features were added in this version.

Fixed Issues

  • Unable to locate a key inside the private keyring when decrypting a file that was encrypted using PGP with multiple recipients.

1.3.5

February 28, 2020

No new features were added in this version.

Fixed Issues

Issue Description

EE-7206

The issue that caused JCE decryption operation fails when both random IV and ECB algorithm was selected

1.3.4

February 4, 2020

No new features were added in this version.

Fixed Issues

Issue Description

EE-7197

The issue that caused the inability to create a cipher after deploying the app a second time is fixed.

1.3.3

January 22, 2020

No new features were added in this version.

Fixed Issues

Issue Description

EE-7187

The issue that caused loading secret keys from a keyring that contained both public and secret keys to fail is fixed.

1.3.1

October 1, 2019

No new features were added in this version.

Fixed Issues

Issue Description

EE-7024

XML sign operation honors the elementPath parameter.

1.3.0

September 25, 2019

Features

  • XML Signatures can be verified against certificates contained in the document.

  • It is possible to define an XPath expression to select and verify a signature in an XML document that contains multiple signatures.

  • JCE encryption and decryption use a random initialization vector (IV).

Fixed Issues

Issue Description

EE-6975

Key principal can be recovered from fingerprint.

1.2.0

August 23, 2019

Features

  • Added support for the ECDSA XML Signing algorithm.

No issues were fixed in this version.

1.1.0

August 20, 2019

Features

  • Implemented atomic encrypt and sign operation for PGP.

  • PGP decryption operation can validate signature if found.

  • All PGP encryption operations now include MDC (modification detection code) by default. Although this is unlikely to cause any issues, you can use the disableMDC parameter to revert to the previous behavior if needed.

Fixed Issues

Issue Description

MULE-17337

Upgrade Commons Codec to 1.13

1.0.1

May 23, 2019

Minimum Mule Version

Mule 4.1.1

Fixed Issues

Issue Description

MULE-16870

Upgrade BouncyCastle dependency to 1.61.

MULE-16870

Upgrade Commons Lang dependency to 3.8.1.

MULE-16870

Upgrade Commons Codec dependency to 1.12.

MULE-16870

Upgrade XML Sec dependency to 2.1.3.

1.0.0

Mar 19, 2018

Minimum Mule Version

Mule 4.1.0

See Also